AMI MySQL cluster database access

One of the challenges when deploying MySQL databases and clusters on Amazon EC2 AMIs is that the IP addresses of the AMIs are assigned dynamically. If your topology involves only a single instance then you can simply use localhost to access your MySQL server.

Cloud Foundry solves this problem by ensuring that ‘dbmaster’ always resolves to the IP address of the MySQL server, or by letting you launch the application with a system property that specifies the MySQL server hostname.

Using the JVM option “-DdbHostName=${databasePrivateDnsName}” sets the system property ‘dbHostName’ to the MySQL server’s host name. A Spring/Java application can then use a PropertyPlaceholderConfigurer bean to substitute this value into the database URL, e.g. jdbc:mysql://${dbHostName}:3306/.

AWS security group(s) (cloudwall(s))

The default Amazon Web Services (AWS) security group (aka cloudwall/firewall) only allows access to AMIs from within the same group. However, you and your desktop or notebook, or any customers’ PCs, will not be in this group and will therefore be blocked, even if you have set up key pairs (http://code.google.com/p/cloudtools/wiki/Ec2KeyPair)!

You’ll need to add security rules to ALLOW ports such as SSH (22), SMTP (25), HTTP (80) etc. to be accessible from outside the group, i.e. from any IP in the world (0.0.0.0/0), instead of just from that group!

Just log in to your AWS Console, select the Security Groups tab, select the default group and create the new rule(s) and/or create new security groups (http://code.google.com/p/cloudtools/wiki/EnablingSshAccess).

You may also want to allow your webserver instances to talk to your database servers in which case make sure you

  • either ensure web servers and db servers are running in the same default group

or

  • create a db servers (security) group that allows access from a web servers (security) group, and make sure your webserver AMI(s) & db AMI(s) are running in the correct security group.
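One way to check that the groups ended up as described above, as an added example that is not part of the original post: it audits rules in the JSON shape returned by `aws ec2 describe-security-groups`. The group names, ids and sample rules are constructed, and the set of ports treated as intentionally public (22, 25, 80) is an assumption taken from the ports listed in the text.

```python
import json

# Constructed sample (made-up names/ids), shaped like describe-security-groups output.
SAMPLE = json.loads("""
{"SecurityGroups": [
 {"GroupId": "sg-web00001", "GroupName": "web-servers", "IpPermissions": [
   {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
    "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "UserIdGroupPairs": []},
   {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
    "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "UserIdGroupPairs": []}]},
 {"GroupId": "sg-db000001", "GroupName": "db-servers", "IpPermissions": [
   {"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306,
    "IpRanges": [], "UserIdGroupPairs": [{"GroupId": "sg-web00001"}]}]},
 {"GroupId": "sg-db000002", "GroupName": "db-open", "IpPermissions": [
   {"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306,
    "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "UserIdGroupPairs": []}]}
]}
""")

PUBLIC_PORTS = {22, 25, 80}  # assumption: ports meant to be open to 0.0.0.0/0
WORLD = "0.0.0.0/0"

def world_open_ports(group):
    """Return the set of TCP/UDP ports a group exposes to 0.0.0.0/0."""
    ports = set()
    for perm in group["IpPermissions"]:
        if not any(r["CidrIp"] == WORLD for r in perm.get("IpRanges", [])):
            continue
        if perm["IpProtocol"] == "-1":  # "all traffic" rule: every port
            return set(range(0, 65536))
        if perm["IpProtocol"] in ("tcp", "udp"):
            ports.update(range(perm["FromPort"], perm["ToPort"] + 1))
    return ports

def audit(data, db_port=3306, web_group="web-servers"):
    """Return (group name, finding) pairs for rules beyond the intended design."""
    ids = {g["GroupName"]: g["GroupId"] for g in data["SecurityGroups"]}
    findings = []
    for g in data["SecurityGroups"]:
        extra = world_open_ports(g) - PUBLIC_PORTS
        if extra:
            findings.append((g["GroupName"], "world-open ports: %s" % sorted(extra)[:5]))
        for perm in g["IpPermissions"]:
            if perm["IpProtocol"] == "tcp" and perm["FromPort"] <= db_port <= perm["ToPort"]:
                sources = {p["GroupId"] for p in perm.get("UserIdGroupPairs", [])}
                if sources - {ids.get(web_group)}:  # db port granted to a non-web group
                    findings.append((g["GroupName"], "db port allowed from other groups"))
    return findings
```

To audit a real account, pass `audit()` the parsed JSON output of `aws ec2 describe-security-groups` in place of `SAMPLE`.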

Heroku

Heroku is the instant ruby platform for clouds.

Deploy any ruby app instantly with a simple and familiar git push. Take advantage of advanced features like HTTP caching, memcached, rack middleware, and instant scaling built into every app. Never think about hosting or servers again.

AWS Multi-Factor Authentication

AWS Multi-Factor Authentication is an additional layer of security that offers enhanced control over your AWS account settings.

AWS MFA uses an authentication device that continually generates random, six-digit authentication codes solely for your use. Once you enable AWS MFA, every time somebody tries to sign in to your secure pages on the AWS website or AWS Management Console, access will only be granted after the correct Amazon email-id and password and the current code from your authentication device are provided.